chef 16.4.35 → 16.6.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (320) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/Rakefile +2 -2
  4. data/bin/knife +1 -1
  5. data/chef.gemspec +2 -1
  6. data/lib/chef/api_client/registration.rb +6 -6
  7. data/lib/chef/application.rb +19 -22
  8. data/lib/chef/application/apply.rb +12 -7
  9. data/lib/chef/application/base.rb +26 -25
  10. data/lib/chef/application/client.rb +16 -8
  11. data/lib/chef/application/exit_code.rb +13 -4
  12. data/lib/chef/application/knife.rb +22 -11
  13. data/lib/chef/application/solo.rb +2 -1
  14. data/lib/chef/application/windows_service.rb +14 -14
  15. data/lib/chef/application/windows_service_manager.rb +6 -6
  16. data/lib/chef/chef_fs/chef_fs_data_store.rb +1 -1
  17. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  18. data/lib/chef/chef_fs/knife.rb +2 -2
  19. data/lib/chef/chef_fs/parallelizer.rb +0 -1
  20. data/lib/chef/client.rb +12 -42
  21. data/lib/chef/cookbook/cookbook_version_loader.rb +1 -1
  22. data/lib/chef/cookbook/gem_installer.rb +1 -1
  23. data/lib/chef/cookbook/synchronizer.rb +2 -2
  24. data/lib/chef/cookbook_site_streaming_uploader.rb +13 -11
  25. data/lib/chef/cookbook_uploader.rb +1 -1
  26. data/lib/chef/data_collector.rb +7 -6
  27. data/lib/chef/data_collector/config_validation.rb +22 -13
  28. data/lib/chef/data_collector/run_end_message.rb +2 -2
  29. data/lib/chef/data_collector/run_start_message.rb +1 -1
  30. data/lib/chef/deprecated.rb +1 -1
  31. data/lib/chef/deprecation/warnings.rb +2 -2
  32. data/lib/chef/digester.rb +2 -2
  33. data/lib/chef/dsl/chef_vault.rb +1 -1
  34. data/lib/chef/dsl/data_query.rb +2 -2
  35. data/lib/chef/dsl/platform_introspection.rb +1 -1
  36. data/lib/chef/encrypted_data_bag_item.rb +3 -4
  37. data/lib/chef/encrypted_data_bag_item/decryptor.rb +3 -3
  38. data/lib/chef/encrypted_data_bag_item/encryptor.rb +3 -3
  39. data/lib/chef/environment.rb +2 -2
  40. data/lib/chef/event_loggers/windows_eventlog.rb +2 -2
  41. data/lib/chef/exceptions.rb +4 -4
  42. data/lib/chef/file_access_control/windows.rb +5 -1
  43. data/lib/chef/file_content_management/tempfile.rb +1 -1
  44. data/lib/chef/formatters/doc.rb +7 -6
  45. data/lib/chef/formatters/error_inspectors/api_error_formatting.rb +6 -5
  46. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +3 -3
  47. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +9 -9
  48. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +2 -2
  49. data/lib/chef/formatters/error_inspectors/run_list_expansion_error_inspector.rb +3 -3
  50. data/lib/chef/formatters/indentable_output_stream.rb +2 -2
  51. data/lib/chef/formatters/minimal.rb +5 -4
  52. data/lib/chef/http.rb +6 -4
  53. data/lib/chef/http/auth_credentials.rb +5 -1
  54. data/lib/chef/http/authenticator.rb +1 -1
  55. data/lib/chef/http/basic_client.rb +4 -2
  56. data/lib/chef/http/decompressor.rb +1 -1
  57. data/lib/chef/http/http_request.rb +7 -5
  58. data/lib/chef/http/socketless_chef_zero_client.rb +5 -2
  59. data/lib/chef/http/ssl_policies.rb +1 -1
  60. data/lib/chef/json_compat.rb +1 -1
  61. data/lib/chef/knife.rb +4 -4
  62. data/lib/chef/knife/bootstrap.rb +16 -14
  63. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  64. data/lib/chef/knife/bootstrap/templates/chef-full.erb +3 -3
  65. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +7 -7
  66. data/lib/chef/knife/client_create.rb +3 -3
  67. data/lib/chef/knife/config_get.rb +8 -97
  68. data/lib/chef/knife/config_get_profile.rb +9 -9
  69. data/lib/chef/knife/config_list.rb +139 -0
  70. data/lib/chef/knife/config_list_profiles.rb +8 -98
  71. data/lib/chef/knife/config_show.rb +127 -0
  72. data/lib/chef/knife/config_use.rb +61 -0
  73. data/lib/chef/knife/config_use_profile.rb +9 -24
  74. data/lib/chef/knife/configure.rb +4 -2
  75. data/lib/chef/knife/core/bootstrap_context.rb +2 -2
  76. data/lib/chef/knife/core/object_loader.rb +1 -1
  77. data/lib/chef/knife/core/ui.rb +1 -1
  78. data/lib/chef/knife/core/windows_bootstrap_context.rb +11 -11
  79. data/lib/chef/knife/exec.rb +2 -2
  80. data/lib/chef/knife/node_policy_set.rb +2 -2
  81. data/lib/chef/knife/node_run_list_add.rb +1 -1
  82. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  83. data/lib/chef/knife/node_run_list_set.rb +1 -1
  84. data/lib/chef/knife/node_show.rb +2 -2
  85. data/lib/chef/knife/role_env_run_list_add.rb +1 -1
  86. data/lib/chef/knife/role_env_run_list_set.rb +1 -1
  87. data/lib/chef/knife/role_run_list_add.rb +1 -1
  88. data/lib/chef/knife/role_run_list_set.rb +1 -1
  89. data/lib/chef/knife/search.rb +0 -1
  90. data/lib/chef/knife/serve.rb +3 -3
  91. data/lib/chef/knife/ssh.rb +18 -3
  92. data/lib/chef/knife/ssl_check.rb +3 -3
  93. data/lib/chef/knife/status.rb +2 -2
  94. data/lib/chef/knife/tag_create.rb +1 -1
  95. data/lib/chef/knife/tag_delete.rb +1 -1
  96. data/lib/chef/knife/user_create.rb +2 -2
  97. data/lib/chef/knife/yaml_convert.rb +1 -1
  98. data/lib/chef/local_mode.rb +2 -2
  99. data/lib/chef/log/syslog.rb +2 -2
  100. data/lib/chef/log/winevt.rb +2 -2
  101. data/lib/chef/mixin/deep_merge.rb +0 -12
  102. data/lib/chef/mixin/openssl_helper.rb +1 -4
  103. data/lib/chef/mixin/powershell_exec.rb +22 -10
  104. data/lib/chef/mixin/powershell_out.rb +12 -5
  105. data/lib/chef/mixin/template.rb +3 -3
  106. data/lib/chef/mixin/uris.rb +4 -2
  107. data/lib/chef/mixin/versioned_api.rb +1 -2
  108. data/lib/chef/monkey_patches/net_http.rb +4 -4
  109. data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
  110. data/lib/chef/node_map.rb +4 -4
  111. data/lib/chef/policy_builder/dynamic.rb +2 -0
  112. data/lib/chef/policy_builder/policyfile.rb +2 -2
  113. data/lib/chef/powershell.rb +3 -2
  114. data/lib/chef/provider.rb +1 -5
  115. data/lib/chef/provider/file.rb +2 -2
  116. data/lib/chef/provider/ifconfig.rb +2 -2
  117. data/lib/chef/provider/ifconfig/debian.rb +33 -15
  118. data/lib/chef/provider/ifconfig/redhat.rb +51 -17
  119. data/lib/chef/provider/launchd.rb +2 -2
  120. data/lib/chef/provider/link.rb +0 -9
  121. data/lib/chef/provider/mount/linux.rb +63 -0
  122. data/lib/chef/provider/package/dpkg.rb +3 -12
  123. data/lib/chef/provider/package/homebrew.rb +1 -1
  124. data/lib/chef/provider/package/rubygems.rb +21 -18
  125. data/lib/chef/provider/package/snap.rb +0 -1
  126. data/lib/chef/provider/package/windows.rb +2 -2
  127. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +3 -1
  128. data/lib/chef/provider/package/zypper.rb +1 -1
  129. data/lib/chef/provider/powershell_script.rb +12 -1
  130. data/lib/chef/provider/remote_file/content.rb +3 -0
  131. data/lib/chef/provider/remote_file/ftp.rb +6 -4
  132. data/lib/chef/provider/remote_file/sftp.rb +6 -4
  133. data/lib/chef/provider/route.rb +2 -6
  134. data/lib/chef/provider/service/macosx.rb +2 -2
  135. data/lib/chef/provider/service/redhat.rb +1 -1
  136. data/lib/chef/provider/template_finder.rb +2 -10
  137. data/lib/chef/provider/user/dscl.rb +5 -5
  138. data/lib/chef/provider/user/mac.rb +3 -3
  139. data/lib/chef/provider/windows_task.rb +1 -2
  140. data/lib/chef/provider/zypper_repository.rb +2 -2
  141. data/lib/chef/provider_resolver.rb +1 -1
  142. data/lib/chef/providers.rb +1 -0
  143. data/lib/chef/pwsh.rb +64 -0
  144. data/lib/chef/recipe.rb +2 -2
  145. data/lib/chef/resource.rb +2 -2
  146. data/lib/chef/resource/apt_repository.rb +6 -5
  147. data/lib/chef/resource/bff_package.rb +22 -0
  148. data/lib/chef/resource/breakpoint.rb +57 -2
  149. data/lib/chef/resource/build_essential.rb +1 -1
  150. data/lib/chef/resource/cab_package.rb +29 -0
  151. data/lib/chef/resource/chef_client_config.rb +313 -0
  152. data/lib/chef/resource/chef_client_cron.rb +35 -28
  153. data/lib/chef/resource/chef_client_launchd.rb +194 -0
  154. data/lib/chef/resource/chef_client_scheduled_task.rb +24 -21
  155. data/lib/chef/resource/chef_client_systemd_timer.rb +27 -20
  156. data/lib/chef/resource/chef_client_trusted_certificate.rb +101 -0
  157. data/lib/chef/resource/chef_gem.rb +10 -10
  158. data/lib/chef/resource/chef_handler.rb +149 -4
  159. data/lib/chef/resource/chef_sleep.rb +3 -3
  160. data/lib/chef/resource/chef_vault_secret.rb +1 -1
  161. data/lib/chef/resource/cookbook_file.rb +2 -2
  162. data/lib/chef/resource/cron/_cron_shared.rb +1 -0
  163. data/lib/chef/resource/cron/cron_d.rb +2 -3
  164. data/lib/chef/resource/dnf_package.rb +2 -2
  165. data/lib/chef/resource/dsc_resource.rb +0 -1
  166. data/lib/chef/resource/dsc_script.rb +2 -2
  167. data/lib/chef/resource/execute.rb +6 -6
  168. data/lib/chef/resource/file.rb +4 -4
  169. data/lib/chef/resource/gem_package.rb +5 -5
  170. data/lib/chef/resource/homebrew_package.rb +3 -3
  171. data/lib/chef/resource/homebrew_update.rb +5 -5
  172. data/lib/chef/resource/hostname.rb +2 -2
  173. data/lib/chef/resource/kernel_module.rb +1 -1
  174. data/lib/chef/resource/launchd.rb +17 -16
  175. data/lib/chef/resource/locale.rb +2 -2
  176. data/lib/chef/resource/macos_userdefaults.rb +3 -3
  177. data/lib/chef/resource/mount.rb +1 -1
  178. data/lib/chef/resource/notify_group.rb +0 -1
  179. data/lib/chef/resource/ohai.rb +46 -3
  180. data/lib/chef/resource/ohai_hint.rb +33 -0
  181. data/lib/chef/resource/openssl_dhparam.rb +27 -5
  182. data/lib/chef/resource/openssl_ec_private_key.rb +6 -3
  183. data/lib/chef/resource/openssl_ec_public_key.rb +2 -2
  184. data/lib/chef/resource/openssl_rsa_private_key.rb +6 -3
  185. data/lib/chef/resource/openssl_x509_certificate.rb +14 -14
  186. data/lib/chef/resource/openssl_x509_crl.rb +19 -10
  187. data/lib/chef/resource/openssl_x509_request.rb +14 -16
  188. data/lib/chef/resource/osx_profile.rb +77 -13
  189. data/lib/chef/resource/plist.rb +1 -1
  190. data/lib/chef/resource/powershell_package_source.rb +5 -5
  191. data/lib/chef/resource/powershell_script.rb +7 -1
  192. data/lib/chef/resource/reboot.rb +2 -2
  193. data/lib/chef/resource/remote_file.rb +3 -3
  194. data/lib/chef/resource/rhsm_register.rb +22 -10
  195. data/lib/chef/resource/ruby_block.rb +2 -2
  196. data/lib/chef/resource/scm/subversion.rb +2 -2
  197. data/lib/chef/resource/service.rb +3 -3
  198. data/lib/chef/resource/ssh_known_hosts_entry.rb +2 -2
  199. data/lib/chef/resource/support/client.erb +65 -0
  200. data/lib/chef/resource/support/cron.d.erb +1 -1
  201. data/lib/chef/resource/support/cron_access.erb +1 -1
  202. data/lib/chef/resource/support/sudoer.erb +1 -1
  203. data/lib/chef/resource/support/ulimit.erb +1 -1
  204. data/lib/chef/resource/sysctl.rb +1 -5
  205. data/lib/chef/resource/systemd_unit.rb +2 -2
  206. data/lib/chef/resource/template.rb +2 -2
  207. data/lib/chef/resource/timezone.rb +112 -73
  208. data/lib/chef/resource/windows_ad_join.rb +10 -3
  209. data/lib/chef/resource/windows_audit_policy.rb +26 -24
  210. data/lib/chef/resource/windows_certificate.rb +6 -4
  211. data/lib/chef/resource/windows_firewall_profile.rb +22 -20
  212. data/lib/chef/resource/windows_package.rb +28 -5
  213. data/lib/chef/resource/windows_printer.rb +5 -3
  214. data/lib/chef/resource/windows_printer_port.rb +6 -4
  215. data/lib/chef/resource/windows_user_privilege.rb +53 -54
  216. data/lib/chef/resource/windows_workgroup.rb +3 -3
  217. data/lib/chef/resource/yum_package.rb +2 -2
  218. data/lib/chef/resource_reporter.rb +0 -2
  219. data/lib/chef/resources.rb +4 -1
  220. data/lib/chef/run_context.rb +2 -2
  221. data/lib/chef/run_context/cookbook_compiler.rb +1 -1
  222. data/lib/chef/run_lock.rb +2 -2
  223. data/lib/chef/search/query.rb +6 -5
  224. data/lib/chef/shell.rb +31 -26
  225. data/lib/chef/shell/ext.rb +11 -11
  226. data/lib/chef/shell/shell_session.rb +2 -2
  227. data/lib/chef/train_transport.rb +5 -104
  228. data/lib/chef/util/backup.rb +1 -1
  229. data/lib/chef/util/diff.rb +3 -3
  230. data/lib/chef/util/powershell/cmdlet.rb +3 -1
  231. data/lib/chef/util/powershell/ps_credential.rb +18 -14
  232. data/lib/chef/util/threaded_job_queue.rb +0 -2
  233. data/lib/chef/version.rb +1 -1
  234. data/lib/chef/win32/crypto.rb +1 -1
  235. data/lib/chef/win32/file.rb +1 -1
  236. data/lib/chef/win32/registry.rb +1 -2
  237. data/lib/chef/win32/unicode.rb +1 -1
  238. data/spec/data/shef-config.rb +1 -1
  239. data/spec/functional/event_loggers/windows_eventlog_spec.rb +6 -5
  240. data/spec/functional/mixin/powershell_out_spec.rb +9 -1
  241. data/spec/functional/resource/aix_service_spec.rb +2 -2
  242. data/spec/functional/resource/aixinit_service_spec.rb +1 -1
  243. data/spec/functional/resource/insserv_spec.rb +1 -1
  244. data/spec/functional/resource/powershell_script_spec.rb +57 -14
  245. data/spec/functional/resource/user/dscl_spec.rb +1 -1
  246. data/spec/functional/resource/user/mac_user_spec.rb +1 -1
  247. data/spec/functional/resource/windows_task_spec.rb +13 -13
  248. data/spec/functional/version_spec.rb +3 -3
  249. data/spec/integration/client/client_spec.rb +4 -4
  250. data/spec/integration/client/exit_code_spec.rb +3 -2
  251. data/spec/integration/client/ipv6_spec.rb +1 -1
  252. data/spec/integration/knife/{config_list_profiles_spec.rb → config_list_spec.rb} +30 -29
  253. data/spec/integration/knife/{config_get_spec.rb → config_show_spec.rb} +3 -3
  254. data/spec/integration/knife/{config_use_profile_spec.rb → config_use_spec.rb} +53 -10
  255. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +1 -1
  256. data/spec/integration/ohai/ohai_spec.rb +61 -0
  257. data/spec/integration/recipes/remote_directory.rb +1 -1
  258. data/spec/integration/solo/solo_spec.rb +5 -5
  259. data/spec/spec_helper.rb +8 -6
  260. data/spec/stress/win32/file_spec.rb +1 -1
  261. data/spec/support/chef_helpers.rb +2 -2
  262. data/spec/support/matchers/leak.rb +2 -2
  263. data/spec/support/platform_helpers.rb +22 -35
  264. data/spec/support/shared/functional/securable_resource.rb +108 -27
  265. data/spec/support/shared/functional/win32_service.rb +1 -1
  266. data/spec/support/shared/unit/application_dot_d.rb +5 -3
  267. data/spec/tiny_server.rb +0 -1
  268. data/spec/unit/application/client_spec.rb +2 -2
  269. data/spec/unit/application/exit_code_spec.rb +10 -0
  270. data/spec/unit/application_spec.rb +4 -6
  271. data/spec/unit/chef_fs/config_spec.rb +1 -1
  272. data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  273. data/spec/unit/chef_fs/parallelizer_spec.rb +5 -1
  274. data/spec/unit/chef_fs/path_util_spec.rb +1 -1
  275. data/spec/unit/cookbook/synchronizer_spec.rb +2 -2
  276. data/spec/unit/cookbook_spec.rb +2 -2
  277. data/spec/unit/data_collector/config_validation_spec.rb +208 -0
  278. data/spec/unit/data_collector_spec.rb +6 -117
  279. data/spec/unit/dsl/declare_resource_spec.rb +1 -1
  280. data/spec/unit/file_access_control_spec.rb +1 -1
  281. data/spec/unit/knife/bootstrap_spec.rb +6 -6
  282. data/spec/unit/knife/core/ui_spec.rb +1 -0
  283. data/spec/unit/knife/ssh_spec.rb +2 -2
  284. data/spec/unit/lwrp_spec.rb +3 -3
  285. data/spec/unit/mixin/deep_merge_spec.rb +15 -0
  286. data/spec/unit/mixin/openssl_helper_spec.rb +1 -1
  287. data/spec/unit/mixin/powershell_exec_spec.rb +39 -2
  288. data/spec/unit/mixin/powershell_out_spec.rb +14 -0
  289. data/spec/unit/mixin/securable_spec.rb +2 -2
  290. data/spec/unit/node/immutable_collections_spec.rb +2 -2
  291. data/spec/unit/provider/mount/linux_spec.rb +97 -0
  292. data/spec/unit/provider/package/chocolatey_spec.rb +1 -1
  293. data/spec/unit/provider/package/powershell_spec.rb +1 -1
  294. data/spec/unit/provider/package/rubygems_spec.rb +4 -1
  295. data/spec/unit/provider/powershell_script_spec.rb +11 -0
  296. data/spec/unit/provider/route_spec.rb +0 -2
  297. data/spec/unit/recipe_spec.rb +1 -1
  298. data/spec/unit/resource/chef_client_config_spec.rb +137 -0
  299. data/spec/unit/resource/chef_client_cron_spec.rb +35 -14
  300. data/spec/unit/resource/chef_client_launchd_spec.rb +127 -0
  301. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +36 -1
  302. data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +54 -0
  303. data/spec/unit/resource/launchd_spec.rb +8 -0
  304. data/spec/unit/resource/osx_profile_spec.rb +67 -1
  305. data/spec/unit/resource/powershell_script_spec.rb +2 -2
  306. data/spec/unit/resource/rhsm_register_spec.rb +56 -18
  307. data/spec/unit/resource/timezone_spec.rb +63 -0
  308. data/spec/unit/resource/windows_uac_spec.rb +1 -1
  309. data/spec/unit/resource/windows_user_privilege_spec.rb +55 -0
  310. data/spec/unit/run_lock_spec.rb +5 -1
  311. data/spec/unit/runner_spec.rb +1 -2
  312. data/spec/unit/shell/shell_ext_spec.rb +46 -3
  313. data/spec/unit/shell/shell_session_spec.rb +35 -64
  314. data/spec/unit/shell_spec.rb +16 -19
  315. data/spec/unit/train_transport_spec.rb +14 -13
  316. data/spec/unit/util/selinux_spec.rb +2 -0
  317. data/tasks/rspec.rb +0 -2
  318. metadata +46 -18
  319. data/lib/chef/dist.rb +0 -68
  320. data/spec/integration/knife/config_get_profile_spec.rb +0 -114
@@ -15,7 +15,7 @@
15
15
  #
16
16
 
17
17
  require_relative "../resource"
18
- require_relative "../dist"
18
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
19
19
 
20
20
  class Chef
21
21
  class Resource
@@ -24,42 +24,42 @@ class Chef
24
24
 
25
25
  provides :chef_client_systemd_timer
26
26
 
27
- description "Use the **chef_client_systemd_timer** resource to setup the #{Chef::Dist::PRODUCT} to run as a systemd timer."
27
+ description "Use the **chef_client_systemd_timer** resource to setup the #{ChefUtils::Dist::Infra::PRODUCT} to run as a systemd timer."
28
28
  introduced "16.0"
29
29
  examples <<~DOC
30
- **Setup #{Chef::Dist::PRODUCT} to run using the default 30 minute cadence**:
30
+ **Setup #{ChefUtils::Dist::Infra::PRODUCT} to run using the default 30 minute cadence**:
31
31
 
32
32
  ```ruby
33
- chef_client_systemd_timer "Run #{Chef::Dist::PRODUCT} as a systemd timer"
33
+ chef_client_systemd_timer 'Run #{ChefUtils::Dist::Infra::PRODUCT} as a systemd timer'
34
34
  ```
35
35
 
36
- **Run #{Chef::Dist::PRODUCT} every 1 hour**:
36
+ **Run #{ChefUtils::Dist::Infra::PRODUCT} every 1 hour**:
37
37
 
38
38
  ```ruby
39
- chef_client_systemd_timer "Run #{Chef::Dist::PRODUCT} every 1 hour" do
40
- interval "1hr"
39
+ chef_client_systemd_timer 'Run #{ChefUtils::Dist::Infra::PRODUCT} every 1 hour' do
40
+ interval '1hr'
41
41
  end
42
42
  ```
43
43
 
44
- **Run #{Chef::Dist::PRODUCT} with extra options passed to the client**:
44
+ **Run #{ChefUtils::Dist::Infra::PRODUCT} with extra options passed to the client**:
45
45
 
46
46
  ```ruby
47
- chef_client_systemd_timer "Run an override recipe" do
48
- daemon_options ["--override-runlist mycorp_base::default"]
47
+ chef_client_systemd_timer 'Run an override recipe' do
48
+ daemon_options ['--override-runlist mycorp_base::default']
49
49
  end
50
50
  ```
51
51
  DOC
52
52
 
53
53
  property :job_name, String,
54
54
  description: "The name of the system timer to create.",
55
- default: Chef::Dist::CLIENT
55
+ default: ChefUtils::Dist::Infra::CLIENT
56
56
 
57
57
  property :description, String,
58
58
  description: "The description to add to the systemd timer. This will be displayed when running `systemctl status` for the timer.",
59
- default: "#{Chef::Dist::PRODUCT} periodic execution"
59
+ default: "#{ChefUtils::Dist::Infra::PRODUCT} periodic execution"
60
60
 
61
61
  property :user, String,
62
- description: "The name of the user that #{Chef::Dist::PRODUCT} runs as.",
62
+ description: "The name of the user that #{ChefUtils::Dist::Infra::PRODUCT} runs as.",
63
63
  default: "root"
64
64
 
65
65
  property :delay_after_boot, String,
@@ -71,7 +71,7 @@ class Chef
71
71
  default: "30min"
72
72
 
73
73
  property :splay, String,
74
- description: "A interval between 0 and X to add to the interval so that all #{Chef::Dist::CLIENT} commands don't execute at the same time. This is expressed as a systemd time span such as `300seconds`, `1hr`, or `1m`. See <https://www.freedesktop.org/software/systemd/man/systemd.time.html> for a complete list of allowed time span values.",
74
+ description: "A interval between 0 and X to add to the interval so that all #{ChefUtils::Dist::Infra::CLIENT} commands don't execute at the same time. This is expressed as a systemd time span such as `300seconds`, `1hr`, or `1m`. See <https://www.freedesktop.org/software/systemd/man/systemd.time.html> for a complete list of allowed time span values.",
75
75
  default: "5min"
76
76
 
77
77
  property :accept_chef_license, [true, false],
@@ -79,25 +79,31 @@ class Chef
79
79
  default: false
80
80
 
81
81
  property :run_on_battery, [true, false],
82
- description: "Run the timer for #{Chef::Dist::PRODUCT} if the system is on battery.",
82
+ description: "Run the timer for #{ChefUtils::Dist::Infra::PRODUCT} if the system is on battery.",
83
83
  default: true
84
84
 
85
85
  property :config_directory, String,
86
86
  description: "The path of the config directory.",
87
- default: Chef::Dist::CONF_DIR
87
+ default: ChefConfig::Config.etc_chef_dir
88
88
 
89
89
  property :chef_binary_path, String,
90
- description: "The path to the #{Chef::Dist::CLIENT} binary.",
91
- default: "/opt/#{Chef::Dist::DIR_SUFFIX}/bin/#{Chef::Dist::CLIENT}"
90
+ description: "The path to the #{ChefUtils::Dist::Infra::CLIENT} binary.",
91
+ default: "/opt/#{ChefUtils::Dist::Infra::DIR_SUFFIX}/bin/#{ChefUtils::Dist::Infra::CLIENT}"
92
92
 
93
93
  property :daemon_options, Array,
94
- description: "An array of options to pass to the #{Chef::Dist::CLIENT} command.",
94
+ description: "An array of options to pass to the #{ChefUtils::Dist::Infra::CLIENT} command.",
95
95
  default: lazy { [] }
96
96
 
97
97
  property :environment, Hash,
98
98
  description: "A Hash containing additional arbitrary environment variables under which the systemd timer will be run in the form of `({'ENV_VARIABLE' => 'VALUE'})`.",
99
99
  default: lazy { {} }
100
100
 
101
+ property :cpu_quota, [Integer, String],
102
+ description: "The systemd CPUQuota to run the #{ChefUtils::Dist::Infra::CLIENT} process with. This is a percentage value of the total CPU time available on the system. If the system has more than 1 core this may be a value greater than 100.",
103
+ introduced: "16.5",
104
+ coerce: proc { |x| Integer(x) },
105
+ callbacks: { "should be a positive Integer" => proc { |v| v > 0 } }
106
+
101
107
  action :add do
102
108
  systemd_unit "#{new_resource.job_name}.service" do
103
109
  content service_content
@@ -127,7 +133,7 @@ class Chef
127
133
  # @return [String]
128
134
  #
129
135
  def chef_client_cmd
130
- cmd = "#{new_resource.chef_binary_path}"
136
+ cmd = new_resource.chef_binary_path.dup
131
137
  cmd << " #{new_resource.daemon_options.join(" ")}" unless new_resource.daemon_options.empty?
132
138
  cmd << " --chef-license accept" if new_resource.accept_chef_license
133
139
  cmd << " -c #{::File.join(new_resource.config_directory, "client.rb")}"
@@ -171,6 +177,7 @@ class Chef
171
177
  }
172
178
 
173
179
  unit["Service"]["ConditionACPower"] = "true" unless new_resource.run_on_battery
180
+ unit["Service"]["CPUQuota"] = new_resource.cpu_quota if new_resource.cpu_quota
174
181
  unit["Service"]["Environment"] = new_resource.environment.collect { |k, v| "\"#{k}=#{v}\"" } unless new_resource.environment.empty?
175
182
  unit
176
183
  end
@@ -0,0 +1,101 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+ #
16
+
17
+ require_relative "../resource"
18
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
19
+
20
+ class Chef
21
+ class Resource
22
+ class ChefClientTrustedCertificate < Chef::Resource
23
+ unified_mode true
24
+
25
+ provides :chef_client_trusted_certificate
26
+
27
+ description "Use the **chef_client_trusted_certificate** resource to add certificates to #{ChefUtils::Dist::Infra::PRODUCT}'s trusted certificate directory. This allows the #{ChefUtils::Dist::Infra::PRODUCT} to communicate with internal encrypted resources without errors."
28
+ introduced "16.5"
29
+ examples <<~DOC
30
+ **Trust a self signed certificate**:
31
+
32
+ ```ruby
33
+ chef_client_trusted_certificate 'self-signed.badssl.com' do
34
+ certificate <<~CERT
35
+ -----BEGIN CERTIFICATE-----
36
+ MIIDeTCCAmGgAwIBAgIJAPziuikCTox4MA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNV
37
+ BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
38
+ c2NvMQ8wDQYDVQQKDAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTAeFw0x
39
+ OTEwMDkyMzQxNTJaFw0yMTEwMDgyMzQxNTJaMGIxCzAJBgNVBAYTAlVTMRMwEQYD
40
+ VQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK
41
+ DAZCYWRTU0wxFTATBgNVBAMMDCouYmFkc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEB
42
+ BQADggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2
43
+ PmzAS2BMTOqytMAPgLaw+XLJhgL5XEFdEyt/ccRLvOmULlA3pmccYYz2QULFRtMW
44
+ hyefdOsKnRFSJiFzbIRMeVXk0WvoBj1IFVKtsyjbqv9u/2CVSndrOfEk0TG23U3A
45
+ xPxTuW1CrbV8/q71FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqve
46
+ ww9HdFxBIuGa+RuT5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SY
47
+ QCeFxxC7c3DvaRhBB0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaMyMDAwCQYDVR0T
48
+ BAIwADAjBgNVHREEHDAaggwqLmJhZHNzbC5jb22CCmJhZHNzbC5jb20wDQYJKoZI
49
+ hvcNAQELBQADggEBAGlwCdbPxflZfYOaukZGCaxYK6gpincX4Lla4Ui2WdeQxE95
50
+ w7fChXvP3YkE3UYUE7mupZ0eg4ZILr/A0e7JQDsgIu/SRTUE0domCKgPZ8v99k3A
51
+ vka4LpLK51jHJJK7EFgo3ca2nldd97GM0MU41xHFk8qaK1tWJkfrrfcGwDJ4GQPI
52
+ iLlm6i0yHq1Qg1RypAXJy5dTlRXlCLd8ufWhhiwW0W75Va5AEnJuqpQrKwl3KQVe
53
+ wGj67WWRgLfSr+4QG1mNvCZb2CkjZWmxkGPuoP40/y7Yu5OFqxP5tAjj4YixCYTW
54
+ EVA0pmzIzgBg+JIe3PdRy27T0asgQW/F4TY61Yk=
55
+ -----END CERTIFICATE-----
56
+ CERT
57
+ end
58
+ ```
59
+ DOC
60
+
61
+ property :cert_name, String, name_property: true,
62
+ description: "The name to use for the certificate file on disk. If not provided the name of the resource block will be used instead."
63
+
64
+ property :certificate, String, required: [:add],
65
+ description: "The text of the certificate file including the BEGIN/END comment lines."
66
+
67
+ action :add do
68
+ unless ::Dir.exist?(Chef::Config[:trusted_certs_dir])
69
+ directory Chef::Config[:trusted_certs_dir] do
70
+ mode "0640"
71
+ recursive true
72
+ end
73
+ end
74
+
75
+ file cert_path do
76
+ content new_resource.certificate
77
+ mode "0640"
78
+ end
79
+ end
80
+
81
+ action :remove do
82
+ file cert_path do
83
+ action :delete
84
+ end
85
+ end
86
+
87
+ action_class do
88
+ #
89
+ # The path to the string on disk
90
+ #
91
+ # @return [String]
92
+ #
93
+ def cert_path
94
+ path = ::File.join(Chef::Config[:trusted_certs_dir], new_resource.cert_name)
95
+ path << ".pem" unless path.end_with?(".pem")
96
+ path
97
+ end
98
+ end
99
+ end
100
+ end
101
+ end
@@ -18,7 +18,7 @@
18
18
 
19
19
  require_relative "package"
20
20
  require_relative "gem_package"
21
- require_relative "../dist"
21
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
22
22
 
23
23
  class Chef
24
24
  class Resource
@@ -27,27 +27,27 @@ class Chef
27
27
  provides :chef_gem
28
28
 
29
29
  description <<~DESC
30
- Use the **chef_gem** resource to install a gem only for the instance of Ruby that is dedicated to the #{Chef::Dist::CLIENT}.
30
+ Use the **chef_gem** resource to install a gem only for the instance of Ruby that is dedicated to the #{ChefUtils::Dist::Infra::CLIENT}.
31
31
  When a gem is installed from a local file, it must be added to the node using the **remote_file** or **cookbook_file** resources.
32
32
 
33
33
  The **chef_gem** resource works with all of the same properties and options as the **gem_package** resource, but does not
34
- accept the `gem_binary` property because it always uses the `CurrentGemEnvironment` under which the `#{Chef::Dist::CLIENT}` is
34
+ accept the `gem_binary` property because it always uses the `CurrentGemEnvironment` under which the `#{ChefUtils::Dist::Infra::CLIENT}` is
35
35
  running. In addition to performing actions similar to the **gem_package** resource, the **chef_gem** resource does the
36
36
  following:
37
37
  - Runs its actions immediately, before convergence, allowing a gem to be used in a recipe immediately after it is installed.
38
38
  - Runs `Gem.clear_paths` after the action, ensuring that gem is aware of changes so that it can be required immediately after it is installed.
39
39
 
40
- Warning: The **chef_gem** and **gem_package** resources are both used to install Ruby gems. For any machine on which #{Chef::Dist::PRODUCT} is
40
+ Warning: The **chef_gem** and **gem_package** resources are both used to install Ruby gems. For any machine on which #{ChefUtils::Dist::Infra::PRODUCT} is
41
41
  installed, there are two instances of Ruby. One is the standard, system-wide instance of Ruby and the other is a dedicated instance that is
42
- available only to #{Chef::Dist::PRODUCT}.
43
- Use the **chef_gem** resource to install gems into the instance of Ruby that is dedicated to #{Chef::Dist::PRODUCT}.
42
+ available only to #{ChefUtils::Dist::Infra::PRODUCT}.
43
+ Use the **chef_gem** resource to install gems into the instance of Ruby that is dedicated to #{ChefUtils::Dist::Infra::PRODUCT}.
44
44
  Use the **gem_package** resource to install all other gems (i.e. install gems system-wide).
45
45
  DESC
46
46
 
47
47
  examples <<~EXAMPLES
48
48
  **Compile time vs. converge time installation of gems**
49
49
 
50
- To install a gem while #{Chef::Dist::PRODUCT} is configuring the node (the converge phase), set the `compile_time` property to `false`:
50
+ To install a gem while #{ChefUtils::Dist::Infra::PRODUCT} is configuring the node (the converge phase), set the `compile_time` property to `false`:
51
51
  ```ruby
52
52
  chef_gem 'right_aws' do
53
53
  compile_time false
@@ -63,7 +63,7 @@ class Chef
63
63
  end
64
64
  ```
65
65
 
66
- Install MySQL for Chef
66
+ **Install MySQL gem into #{ChefUtils::Dist::Infra::PRODUCT}***
67
67
  ```ruby
68
68
  apt_update
69
69
 
@@ -84,8 +84,8 @@ class Chef
84
84
 
85
85
  property :gem_binary, String,
86
86
  default: "#{RbConfig::CONFIG["bindir"]}/gem",
87
- default_description: "The `gem` binary included with #{Chef::Dist::PRODUCT}.",
88
- description: "The path of a gem binary to use for the installation. By default, the same version of Ruby that is used by #{Chef::Dist::PRODUCT} will be used.",
87
+ default_description: "The `gem` binary included with #{ChefUtils::Dist::Infra::PRODUCT}.",
88
+ description: "The path of a gem binary to use for the installation. By default, the same version of Ruby that is used by #{ChefUtils::Dist::Infra::PRODUCT} will be used.",
89
89
  callbacks: {
90
90
  "The `chef_gem` resource is restricted to the current gem environment, use `gem_package` to install to other environments." =>
91
91
  proc { |v| v == "#{RbConfig::CONFIG["bindir"]}/gem" },
@@ -16,7 +16,7 @@
16
16
  #
17
17
 
18
18
  require_relative "../resource"
19
- require_relative "../dist"
19
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
20
20
 
21
21
  class Chef
22
22
  class Resource
@@ -25,8 +25,153 @@ class Chef
25
25
 
26
26
  provides(:chef_handler) { true }
27
27
 
28
- description "Use the **chef_handler** resource to install or uninstall reporting/exception handlers."
28
+ description "Use the **chef_handler** resource to enable handlers during a #{ChefUtils::Dist::Infra::PRODUCT} run. The resource allows arguments to be passed to #{ChefUtils::Dist::Infra::PRODUCT}, which then applies the conditions defined by the custom handler to the node attribute data collected during a #{ChefUtils::Dist::Infra::PRODUCT} run, and then processes the handler based on that data.\nThe **chef_handler** resource is typically defined early in a node's run-list (often being the first item). This ensures that all of the handlers will be available for the entire #{ChefUtils::Dist::Infra::PRODUCT} run."
29
29
  introduced "14.0"
30
+ examples <<~'DOC'
31
+ **Enable the 'MyHandler' handler**
32
+
33
+ The following example shows how to enable a fictional 'MyHandler' handler which is located on disk at `/etc/chef/my_handler.rb`. The handler will be configured to run with Chef Infra Client and will be passed values to the handler's initializer method:
34
+
35
+ ```ruby
36
+ chef_handler 'MyHandler' do
37
+ source '/etc/chef/my_handler.rb' # the file should already be at this path
38
+ arguments path: '/var/chef/reports'
39
+ action :enable
40
+ end
41
+ ```
42
+
43
+ **Enable handlers during the compile phase**
44
+
45
+ ```ruby
46
+ chef_handler 'Chef::Handler::JsonFile' do
47
+ source 'chef/handler/json_file'
48
+ arguments path: '/var/chef/reports'
49
+ action :enable
50
+ compile_time true
51
+ end
52
+ ```
53
+
54
+ **Handle only exceptions**
55
+
56
+ ```ruby
57
+ chef_handler 'Chef::Handler::JsonFile' do
58
+ source 'chef/handler/json_file'
59
+ arguments path: '/var/chef/reports'
60
+ type exception: true
61
+ action :enable
62
+ end
63
+ ```
64
+
65
+ **Cookbook Versions (a custom handler)**
66
+
67
+ [@juliandunn](https://github.com/juliandunn) created a custom report handler that logs all of the cookbooks and cookbook versions that were used during a Chef Infra Client run, and then reports after the run is complete.
68
+
69
+ cookbook_versions.rb:
70
+
71
+ The following custom handler defines how cookbooks and cookbook versions that are used during a Chef Infra Client run will be compiled into a report using the `Chef::Log` class in Chef Infra Client:
72
+
73
+ ```ruby
74
+ require 'chef/log'
75
+
76
+ module Chef
77
+ class CookbookVersionsHandler < Chef::Handler
78
+ def report
79
+ cookbooks = run_context.cookbook_collection
80
+ Chef::Log.info('Cookbooks and versions run: #{cookbooks.map {|x| x.name.to_s + ' ' + x.version }}')
81
+ end
82
+ end
83
+ end
84
+ ```
85
+
86
+ default.rb:
87
+
88
+ The following recipe is added to the run-list for every node on which a list of cookbooks and versions will be generated as report output after every Chef Infra Client run.
89
+
90
+ ```ruby
91
+ cookbook_file '/etc/chef/cookbook_versions.rb' do
92
+ source 'cookbook_versions.rb'
93
+ action :create
94
+ end
95
+
96
+ chef_handler 'Chef::CookbookVersionsHandler' do
97
+ source '/etc/chef/cookbook_versions.rb'
98
+ type report: true
99
+ action :enable
100
+ end
101
+ ```
102
+
103
+ This recipe will generate report output similar to the following:
104
+
105
+ ```
106
+ [2013-11-26T03:11:06+00:00] INFO: Chef Infra Client Run complete in 0.300029878 seconds
107
+ [2013-11-26T03:11:06+00:00] INFO: Running report handlers
108
+ [2013-11-26T03:11:06+00:00] INFO: Cookbooks and versions run: ["cookbook_versions_handler 1.0.0"]
109
+ [2013-11-26T03:11:06+00:00] INFO: Report handlers complete
110
+ ```
111
+
112
+ **JsonFile Handler**
113
+
114
+ The JsonFile handler is available from the `chef_handler` cookbook and can be used with exceptions and reports. It serializes run status data to a JSON file. This handler may be enabled in one of the following ways.
115
+
116
+ By adding the following lines of Ruby code to either the client.rb file or the solo.rb file, depending on how Chef Infra Client is being run:
117
+
118
+ ```ruby
119
+ require 'chef/handler/json_file'
120
+ report_handlers << Chef::Handler::JsonFile.new(path: '/var/chef/reports')
121
+ exception_handlers << Chef::Handler::JsonFile.new(path: '/var/chef/reports')
122
+ ```
123
+
124
+ By using the `chef_handler` resource in a recipe, similar to the following:
125
+
126
+ ```ruby
127
+ chef_handler 'Chef::Handler::JsonFile' do
128
+ source 'chef/handler/json_file'
129
+ arguments path: '/var/chef/reports'
130
+ action :enable
131
+ end
132
+ ```
133
+
134
+ After it has run, the run status data can be loaded and inspected via Interactive Ruby (IRb):
135
+
136
+ ```
137
+ irb(main):002:0> require 'json' => true
138
+ irb(main):003:0> require 'chef' => true
139
+ irb(main):004:0> r = JSON.parse(IO.read('/var/chef/reports/chef-run-report-20110322060731.json')) => ... output truncated
140
+ irb(main):005:0> r.keys => ['end_time', 'node', 'updated_resources', 'exception', 'all_resources', 'success', 'elapsed_time', 'start_time', 'backtrace']
141
+ irb(main):006:0> r['elapsed_time'] => 0.00246
142
+ ```
143
+
144
+ Register the JsonFile handler
145
+
146
+ ```ruby
147
+ chef_handler 'Chef::Handler::JsonFile' do
148
+ source 'chef/handler/json_file'
149
+ arguments path: '/var/chef/reports'
150
+ action :enable
151
+ end
152
+ ```
153
+
154
+ **ErrorReport Handler**
155
+
156
+ The ErrorReport handler is built into Chef Infra Client and can be used for both exceptions and reports. It serializes error report data to a JSON file. This handler may be enabled in one of the following ways.
157
+
158
+ By adding the following lines of Ruby code to either the client.rb file or the solo.rb file, depending on how Chef Infra Client is being run:
159
+
160
+ ```ruby
161
+ require 'chef/handler/error_report'
162
+ report_handlers << Chef::Handler::ErrorReport.new
163
+ exception_handlers << Chef::Handler::ErrorReport.new
164
+ ```
165
+
166
+ By using the `chef_handler` resource in a recipe, similar to the following:
167
+
168
+ ```ruby
169
+ chef_handler 'Chef::Handler::ErrorReport' do
170
+ source 'chef/handler/error_report'
171
+ action :enable
172
+ end
173
+ ```
174
+ DOC
30
175
 
31
176
  property :class_name, String,
32
177
  description: "The name of the handler class. This can be module name-spaced.",
@@ -50,7 +195,7 @@ class Chef
50
195
  # This action needs to find an rb file that presumably contains the indicated class in it and the
51
196
  # load that file. It then instantiates that class by name and registers it as a handler.
52
197
  action :enable do
53
- description "Enables the handler for the current #{Chef::Dist::PRODUCT} run on the current node"
198
+ description "Enables the handler for the current #{ChefUtils::Dist::Infra::PRODUCT} run on the current node"
54
199
 
55
200
  class_name = new_resource.class_name
56
201
  new_resource.type.each do |type, enable|
@@ -74,7 +219,7 @@ class Chef
74
219
  end
75
220
 
76
221
  action :disable do
77
- description "Disables the handler for the current #{Chef::Dist::PRODUCT} run on the current node"
222
+ description "Disables the handler for the current #{ChefUtils::Dist::Infra::PRODUCT} run on the current node"
78
223
 
79
224
  new_resource.type.each_key do |type|
80
225
  unregister_handler(type, new_resource.class_name)